SantaMonicaRecruiter Since 2001
the smart solution for Santa Monica jobs

Information Security Engineer, DevSecOps

Company: RAND Corporation
Location: Santa Monica
Posted on: June 13, 2022

Job Description:

Job Type: RegularInformation Security Engineer, DevSecOpsRAND Information SecurityPosition DescriptionThe RAND Corporation seeks an Information Security Engineer, DevSecOps, with a strong background in both cybersecurity and API-driven automation and orchestration to join the Information Security Architecture and Engineering team. The Architecture and Engineering team applies next generation technologies to combat the efforts of advanced persistent threat (APT) adversaries in their attempts to infiltrate and disrupt RAND's computing services. The candidate will apply their experience to streamline ongoing operations while identifying and pursuing opportunities to continuously improve the impact and reliability of our cyber deterrence capabilities applying zero trust architecture (ZTA) network principles through API-driven automation to integrate systems, orchestrate workflows and perform quality assurance checks on network and system configurations. The engineer will identify, design, and develop solutions to integrate systems for better interoperation, facilitate continuous quality control of systems configurations, and streamline the analysis of systems vulnerabilities and assist with threat hunting. As RAND transitions the bulk of its computing services to cloud infrastructure and services, this role will work with others on the team to identify areas where automation could benefit the cloud security posture. The information security team plays an integral role in securing all of RAND's information systems by setting and verifying security and policy requirements. Additionally, RAND's information security professionals have the unique experience of being able to work with RAND's cyber policy researchers in support of their policy analysis on emerging cyber threats on ransomware, autonomous vehicles, health care services, critical infrastructure, and our national security capabilities.DUTIES AND RESPONSIBILITIES AND OTHER SUCCESS CRITERIAThe following duties and responsibilities will be expected of the position:Developed automated orchestration routines to ensure ongoing protection of cloud services,Design and develop solutions to integrate systems across the network to improve interoperation as well as to continuously verify systems configuration against baselines,Identify, select, and deploy emerging cloud and hybrid cloud security services across RAND's cloud services,Diagnose and troubleshoot cyber-related network and system performance deficiencies,Contribute to the development and maturation of the cybersecurity strategy and roadmap,Apply engineering principles to the management of RAND's cyber infrastructure services,Work with all of RAND's software and web development teams to ensure sound security practices and security is designed and built into the applications from the ground up. Self-motivated and fully responsible for leading technology deliverables, analyzing gaps and driving improvements to RAND's cyber-deterrence capabilities,Provide input to security policies and standards in accordance with changes in regulations, best practices, industry trends or controls required by RAND contracts and grants.Experience with relational and NoSQL database technologiesExperience with C/C#, web frameworks (e.g., Django, Flask or React), Java, JavaScript, Python, Docker and other abstraction and containerization technologiesExperience designing, implementing, and maintaining cybersecurity configurations in network, boundary appliances or application servicesSome experience working with leading SaaS platform APIs such as Workday, Salesforce or Office 365MINIMUM QUALIFICATIONSA minimum of 5 years' experience in engineering and cyber deterrence with 3 years' experience in software engineering with languages such as JavaScript and PythonA minimum of 3 years' experience with at least one of AWS, Azure or GCPCloud orchestration technologies including such as AWS CloudFormations, Azure Kubernetes, and Durable OrchestrationHybrid cloud security platforms such as Armor Anywhere and CloudvisorySecure coding standards including OWASPSecurely managing credentials and secrets for general coding and cloud APIsCyber forensics - conducting cyber investigations and diagnosing indicators of compromiseProficiency with infrastructure as code, configuration management and version control systemsRequirements' definition, gap analysis and technology assessment and selectionIndustry engagement - ND-ISAC, RSA, Blackhat and othersUnderstanding of capabilities central to securing enterprise networks including end point protection, detection and response services, network intrusion detection and prevention systems, behavior-based malware detection, and memory forensicsStand-out qualifications that would put you ahead of other candidatesLead developer responsible for the full stack development of a multitier application responsible for auditing, ensuring the compliance or assisting with threat hunting on a networkDeveloped a cyber solution that applied machine learning techniques to advance network security, visibility, or adherence to the security governanceEDUCATION AND CERTIFICATIONSA Bachelor's Degree in Computer Science or equivalent field of studyOne or more IT and Cyber Security certifications such as AWS Certified Security, Azure Security Engineer Associate, CSK, CCSP, CISSP, CISA, GCSA, and Security+ADDITIONAL REQUIREMENTSThe selected individual must have the ability to obtain and maintain at least a DoD Secret clearance and/or DHS Fitness designation.This position may have the feature of offerring a 100% remote work arrangement.*RAND*Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet

Keywords: RAND Corporation, Santa Monica , Information Security Engineer, DevSecOps, Engineering , Santa Monica, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Santa Monica RSS job feeds